[FFmpeg-devel] [PATCH]Fix crash on OOM

Carl Eugen Hoyos cehoyos at ag.or.at
Thu Jun 27 02:31:03 CEST 2013


On Thursday 27 June 2013 01:58:41 am Michael Niedermayer wrote:
> On Thu, Jun 27, 2013 at 12:18:25AM +0200, Carl Eugen Hoyos wrote:
> >
> > Attached patch fixes a null-pointer-dereference in
> > avcodec_decode_video2() because of OOM as reported in ticket 1900.

> > +                if (ret < 0)
> > +                    goto find_stream_info_err;
> > +            }
> >          }
> >          if (!options)
> >              av_dict_free(&thread_opt);
>
> failure of one decoder to open should not cause failure of the 
> other streams

Attached is an alternative patch that also fixes the null ptr 
dereference.

Thank you, Carl Eugen
-------------- next part --------------
diff --git a/libavcodec/utils.c b/libavcodec/utils.c
index 9fe3a16..e0819f4 100644
--- a/libavcodec/utils.c
+++ b/libavcodec/utils.c
@@ -1920,6 +1920,8 @@ int attribute_align_arg avcodec_decode_video2(AVCodecContext *avctx, AVFrame *pi
     // copy to ensure we do not change avpkt
     AVPacket tmp = *avpkt;
 
+    if (!avctx->codec)
+        return AVERROR(EINVAL);
     if (avctx->codec->type != AVMEDIA_TYPE_VIDEO) {
         av_log(avctx, AV_LOG_ERROR, "Invalid media type for video\n");
         return AVERROR(EINVAL);


More information about the ffmpeg-devel mailing list